The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory.
|56459||GLSA-201110-06 : PHP: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|
|49306||Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : php5 vulnerabilities (USN-989-1)||Nessus||Ubuntu Local Security Checks|
|5616||PHP < 5.2.14 / 5.3.x < 5.3.3 Multiple Vulnerabilities||Nessus Network Monitor||Web Servers|